Mombasa, Kenya: CloudFlare’s 43rd data center

Only two weeks after the announcement of our four new points of presence (PoPs) in the Middle East, it is with much hullabaloo that we announce our 43rd PoP, and second in Africa following Johannesburg, in Mombasa, Kenya (a.k.a. “The Castle”). In a challenge that vexed many of our readers, Mombasa is our first PoP to be located in a real life castle-turned-data center (see above). From this castle CloudFlare is already serving networks in every country across East Africa, with reach to many of the region's 30 million+ Internet users.

Building a better Internet in Eastern Africa

While today it feels as if Internet access is ubiquitous, this is most certainly not the case everywhere. The continent of Africa was connected relatively late to the Internet and, in the first years, access was limited to a small segment of the population due to lackluster investment and growth in underlying Infrastructure, and high access costs. Most Africans were also without access to broadband Internet, and were largely limited to viewing content created and hosted half a world away—for the same reason there was little access, there was also no local hosting industry to speak of. By Continue reading

Nagle’s algorithm

How does Internet work - We know what is networking

This article it’s not about mathematics, don’t be afraid. I’m running a networking blog and it’s not my intention to speak or write about anything related to mathematics. Biggest math problem that I’ve done in last few years is some simple subneting, EIGRP metric calculation and that is where I stopped with math for now. On the other hand I love the theory behind algorithms, specially if the algorithm is used in networking and if it is so simple and powerful as Nagle’s algorithm. You can guess, John Nagle is the name of the fellow who created the algorithm. He

Nagle’s algorithm

Some routers vulnerable to remote hacking due to hard-coded admin credentials

Several DSL routers from different manufacturers contain a guessable hard-coded password that allows accessing the devices with a hidden administrator account.According to an alert issued Tuesday by the CERT Coordination Center (CERT/CC) at Carnegie Mellon University, the affected device models are: ASUS DSL-N12E, DIGICOM DG-5524T, Observa Telecom RTA01N, Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN and ZTE ZXV10 W300.All of the devices have an admin password in the form "XXXXairocon" where XXXX are the last four characters of the device's physical MAC address, CERT/CC said.To read this article in full or to leave a comment, please click here

What is SD WAN?

Software Defined Wide Area Networking (SD WAN) –sometimes known as SD-WAN and occasionally as Hybrid WAN– is evidently still the flavor of the month in Silicon Valley. Much as it seemed that anything with the word “Cloud” in it a few years back would have money thrown at it indiscriminately by investors, the current favored (funded) feature surely has to be SD WAN. As there doesn’t seem to be one unifying definition of what constitutes “SD WAN” any more than there’s a precise definition of Software Defined Networking, I’m going to define it in the way that I believe best encompasses the intent behind the current flock of solutions.

SDN is a Solution Looking for a Problem

I’ve said before that SDN is a clever idea and eventually will change the way we do networking. However, many are hesitant to adopt SDN because it’s not always immediately obvious what the benefits are to the typical non-hyperscale datacenter other than having to do a lot of retraining. In other words SDN can potentially solve many problems, but it will most likely be necessary to find a ‘killer app’ that will encourage wider adoption, even in it’s only applicable to a limited Continue reading

Sunrise on Oak Island

DSC01589
One of the neat things about Oak Island is it’s a south facing beach. You don’t get the sun over the beach in the morning, but along the beach, and both sunrise and sunset are over the water at some time in the year. Some days, the sunrise and the sunset are both over the ocean.

LinkedInTwitterGoogle+FacebookPinterest

The post Sunrise on Oak Island appeared first on 'net work.

Flowgrammable as a Tool for Learning OpenFlow Concepts and Programming

At first glance, the Flowgrammable web site looks like a toolbox of tools you collected over time. All those tools have something to do with helping us all towards an SDN world. Two of those tools in particular can help you learn about SDN, particularly about how OpenFlow works, and that’s exactly the kind of topic I look to post about here – so today’s post takes a closer look at what’s available at the Flowgrammable site.

Quick Overview of Flowgrammable

The first sentence of the Flowgrammable web site’s About page both confirms why the content may appear to be a mash of topics, but why it all the topics have a common theme:

Flowgrammable.org is a coalition of researchers and industry engineers dedicated to improving adoption of software-defined networks and networking.

Basically, they’re trying to help us all get there, to an SDN world, in the ways that they can help.

I talked to 5-6 of the Flowgrammable team at ONS in June and learned about their site. As for the people, many are grad students that have worked together to develop the tools shown on the site.

For this post, I’ll mention two of their tools, and Continue reading

Make Your Life Easier by Creating Utilities and Delegating Playbooks

simplicity_blog

Last week we hosted our second session of the Tips & Tricks webinar series and focused on creating utilities and delegating playbooks. We want to make your life easier by helping you to automate tasks and then delegate the execution. Ansible is not a programming language, but you can use it as one. Here’s what you need to know…

#1 Create executables that someone else can use

Leverage the shebang (#!) and use ansible as you would any scripting language to create utilities that can reuse your existing playbooks, roles and task lists.

#2 Use permissions to segment access

Unix permissions (and ACLs) can be used to restrict access to inventory and to the users/keys needed to access the defined hosts. You can also restrict which utilities can be executed (sudo).

#3 Use Ansible to make ad-hoc systems

Ansible is a Unix tool, as such it can be combined with others (cron, incron, netcat, ucspi, etc) to create automated workflows.

Watch the entire webinar now.

If you missed Brian's first Tips & Tricks session on Live Systems, you can watch it here

Next up is Tips & Tricks: QA on September 17, at 3PM Eastern. Register now and Continue reading

More than 80% of healthcare IT leaders say their systems have been compromised

Eighty-one percent of healthcare executives say their organizations have been compromised by at least one malware, botnet or other kind of cyberattack during the past two years, according to a survey by KPMG.The KPMG report also states that only half of those executives feel that they are adequately prepared to prevent future attacks. The attacks place sensitive patient data at risk of exposure, KPMG said.The 2015 KPMG Healthcare Cybersecurity Survey polled 223 CIOs, CTOs, chief security officers and chief compliance officers at healthcare providers and health plans.To read this article in full or to leave a comment, please click here

Musing on Nerd Knobs

Henk left a wonderful comment on my SDN will not solve real-life enterprise problems blog post. He started with a bit of sarcasm:

SDN will give more control and flexibility over the network to the customer/user/network-admin. They will be able to program their equipment themselves, they will be able to tweak routing algorithms in the central controller. They get APIs to hook into the heart of the intelligence. They get more config-knobs. It's gonna be awesome.

However, he thinks (and I agree) that this vision doesn’t make sense:

Read more ...

Creating Templates for TextFSM and ntc_show_command

Less than two weeks ago I wrote a post about an Ansible module called ntc_show_command. For those that didn’t read that post, you should, but ntc_show_command is a multi-vendor module that can automate converting raw text from show commands into structured data, namely JSON.

We’ve already had several pull requests enhancing the architecture, so the community support is off to a great start! But in order to really make an impact, we (me, you, and fellow network engineers) need to continue to contribute templates to the project repository. Templates are key to converting the raw text into JSON.

This post will walk through how to create a template for two different commands. We’ll take a look at show version for Cisco NX-OS and display version for HP Comware 7.

The first thing that we’ll need to do is get the raw text output that we want to JSONify. We’ll start with show version.

Below is the sample output that we’ll work with and this file will be saved as tests/cisco_nxos/cisco_nxos_show_version.raw within our project directory.

Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (C) 2002-2014, Cisco and/or its affiliates.
All rights reserved.
The copyrights to certain  Continue reading

Codec Negotiations in Your CCIE Collaboration Preparation

Codec negotiation is a topic that gets glossed over without much consideration in the studies of most students. There’s really not much to it, right? All we have to do is slap a couple of Regions on two different system endpoints and…voila, we have successfully negotiated a codec! Can it be that simple? Like most answers to rhetorical questions in the tech world, “It depends.” A simplistic approach like the one just described above is a great place to start, but it doesn’t take into account key call flow elements such as early/delayed offer, Audio Codec Preference Lists, or call routing across CUBE, CUCM or CUCME. What if the codec should be different based on the originator of the call? These are all examples of key issues involving codec negotiation that we must wrap our mind around if we are to be successful in our CCIE Collaboration endeavors.

Let’s examine the requirement of routing a call between a 9971 Phone registered to the HQ CUCM cluster (HQ Phone 1) and a 7965 Phone registered to the SB CUCM cluster (SB Phone 1). In this example, consider that a SIP Trunk is configured directly between clusters in order to route Continue reading

Linux Core 6.3 as Routing and Switching VMware Appliance

Two weeks ago I finished creating a network host based on Linux Core 6.3 installed on WMware x86-64 virtual machine. I loaded Core Linux with several network extensions that allows host to generate, measure, route network traffic and scan networks. I also wrote a short article that contains a list of loaded extension.

Then I went further with the ​project and my goal was to build L3 switch and router based on  Core Linux 6.3 loaded with Open vSwitch, Quagga, Bird and Keepalived extension. Those are the right extensions that turned the network host  to routing and switching appliance. Furthermore the routing daemons Quagga and Bird and multilayer switch Open vSwitch are used in many large production networks.

The R&S appliance I built can be used for learning networking on Linux, routing and switching. It is available for download in Download section. For those who are interested in installation steps the whole process of extension installation  is described in this article.

The virtual VMware appliance is based on Linux Core network host image and it contains all the extensions listed here plus the following extensions:

openvswitch - 2.4.90
quagga - 0.99.24.1
bird - 1.5.0
keepalived - 1.2.19

Note Continue reading

1 3,358 3,359 3,360 3,361 3,362 3,857